Components
Vulnerabilities
Pricing
MCP
Docs
Sign up
Login
Find vulnerabilities. Fix fast with AI.
Search components by package, version, or CVE to get started.
Ecosystem
Package
Version
Vulnerabilities
sonatype-2025-007441
sonatype-2025-007441
Malicious Packages - Fri Dec 05 2025 [RCE] [Backdoor]
Published Dec 5, 2025
https://help.sonatype.com/en/sonatype-malware-data.html
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-191973.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-191977.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-192024.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-192026.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-192055.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-192091.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-192143.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-192165.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-192193.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-192202.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-192210.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-192242.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-192487.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-192532.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-192786.json
https://osv-vulnerabilities.storage.googleapis.com/npm/MAL-2025-192794.json
CVSS Score
High
8.7
Components Impacted
Components Impacted
Security Details
Security Details
Sonatype Research
Sonatype Research
Ecosystem
Package
Version
Ecosystem
Package
Version
npm
elf-stats-caroling-giftbox-184
1.0.0
npm
elf-stats-cheery-sparkler-521
1.0.0
npm
elf-stats-evergreen-muffin-867
0.0.1-security
npm
elf-stats-evergreen-muffin-867
1.0.0
npm
elf-stats-evergreen-muffin-867
1.0.1
npm
elf-stats-evergreen-muffin-867
1.0.2
npm
elf-stats-evergreen-muffin-867
1.0.3
npm
elf-stats-evergreen-snowglobe-961
1.0.0
npm
elf-stats-frostbitten-reindeer-875
1.0.0
npm
elf-stats-fuzzy-fir-973
0.0.1-security
npm
elf-stats-fuzzy-fir-973
1.0.1
npm
elf-stats-fuzzy-fir-973
1.0.2
npm
elf-stats-fuzzy-fir-973
1.0.3
npm
elf-stats-ginger-bell-819
1.0.0
npm
elf-stats-gingersnap-pinecone-440
1.0.0
npm
elf-stats-midnight-mitten-226
1.0.0
npm
elf-stats-mistletoe-cookie-256
1.0.1
npm
elf-stats-rooftop-stockpile-626
0.0.1-security
npm
elf-stats-rooftop-stockpile-626
99.0.0
npm
elf-stats-rooftop-stockpile-626
99.0.10
npm
elf-stats-rooftop-stockpile-626
99.0.11
npm
elf-stats-rooftop-stockpile-626
99.0.12
npm
elf-stats-rooftop-stockpile-626
99.0.13
npm
elf-stats-rooftop-stockpile-626
99.0.14
npm
elf-stats-rooftop-stockpile-626
99.0.1
npm
elf-stats-rooftop-stockpile-626
99.0.2
npm
elf-stats-rooftop-stockpile-626
99.0.3
npm
elf-stats-rooftop-stockpile-626
99.0.4
npm
elf-stats-rooftop-stockpile-626
99.0.5
npm
elf-stats-rooftop-stockpile-626
99.0.6
npm
elf-stats-rooftop-stockpile-626
99.0.7
npm
elf-stats-rooftop-stockpile-626
99.0.8
npm
elf-stats-rooftop-stockpile-626
99.0.9
npm
elf-stats-sleighing-stocking-579
1.0.0
npm
elf-stats-sleighing-stocking-579
1.0.1
npm
elf-stats-sleighing-stocking-579
1.0.2
npm
elf-stats-sleighing-stocking-579
1.0.3
npm
elf-stats-snowdusted-fireplace-396
1.0.0
npm
elf-stats-snowy-candy-850
1.0.0
npm
elf-stats-snowy-cookiejar-589
1.0.0
npm
elf-stats-sparkly-sled-484
1.0.0
npm
elf-stats-sparkly-toolkit-821
1.0.1
npm
elf-stats-sparkly-toolkit-821
1.0.2
npm
elf-stats-sparkly-toolkit-821
1.0.3
npm
elf-stats-sparkly-toolkit-821
1.0.4
npm
elf-stats-sparkly-workbench-540
1.0.0
npm
elf-stats-storybook-bow-866
1.0.0
npm
elf-stats-tinsel-saddlebag-152
1.0.0
npm
elf-stats-whimsical-chimney-949
1.0.0
npm
elf-stats-whimsical-cocoa-613
1.0.0
1-50 of 59
sonatype-2025-007441 | Components Impacted | Sonatype Guide | Sonatype Guide
